[dns-operations] What's the most EDNS option codes you seen?
Mark Andrews
marka at isc.org
Tue Mar 7 22:51:24 UTC 2017
In message <45131F1B-43E2-4D1A-B5C2-5E7CA1D00707 at senki.org>, Barry Raveendran G
reene writes:
> Has anyone every looked at the number of ENDS option coded uses at one time?
As many as you can fit into 64k and still get a answer back. Dig
supports sending 100 if I'm remembering correctly. There aren't
that many options to play with yet.
I should turn on expire for SOA queries in DiG and make NSID the
default. BIND 9.12 fodder.
Named will make queries with EXPIRE and COOKIE by default. NSID needs
to be requested through named.conf.
[rock:~/git/bind9] marka% dig soa . +expire +nsid +subnet=0 +ednsopt=100 +qr +norec
; <<>> DiG 9.12.0-pre-alpha+hotspot+add-prefetch+marka <<>> soa . +expire +nsid +subnet=0 +ednsopt=100 +qr +norec
;; global options: +cmd
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24131
;; flags: ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; NSID
; CLIENT-SUBNET: 0.0.0.0/0/0
; COOKIE: f1ffbf0f080a1307
; EXPIRE
; OPT=100
;; QUESTION SECTION:
;. IN SOA
;; QUERY SIZE: 60
;; BADCOOKIE, retrying.
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11332
;; flags: ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; NSID
; CLIENT-SUBNET: 0.0.0.0/0/0
; COOKIE: f1ffbf0f080a1307b5f8127258bf3643a83ebd18b1052891
; EXPIRE
; OPT=100
;; QUESTION SECTION:
;. IN SOA
;; QUERY SIZE: 76
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11332
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; NSID: 72 6f 63 6b 2e 64 76 2e 69 73 63 2e 6f 72 67 ("rock.dv.isc.org")
; COOKIE: f1ffbf0f080a1307482c9d3b58bf3643c7b10fc4c54e9a23 (good)
; EXPIRE: 554351 (6 days 9 hours 59 minutes 11 seconds)
; CLIENT-SUBNET: 0.0.0.0/0/0
;; QUESTION SECTION:
;. IN SOA
;; ANSWER SECTION:
. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2017030700 1800 900 604800 86400
;; AUTHORITY SECTION:
. 518400 IN NS i.root-servers.net.
. 518400 IN NS m.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS a.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS g.root-servers.net.
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Mar 08 09:37:55 EST 2017
;; MSG SIZE rcvd: 359
[rock:~/git/bind9] marka%
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations
mailing list